Message ID | e69-6745b200-5-62ab6480@238479372 |
---|---|
State | Not Applicable |
Headers | show
Return-Path: <ovs-dev-bounces@openvswitch.org> X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=2605:bc80:3010::136; helo=smtp3.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=patchwork.ozlabs.org) Received: from smtp3.osuosl.org (smtp3.osuosl.org [IPv6:2605:bc80:3010::136]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4XytJn0Tdlz1yD1 for <incoming@patchwork.ozlabs.org>; Wed, 27 Nov 2024 19:43:52 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id 4B00160673; Wed, 27 Nov 2024 08:43:50 +0000 (UTC) X-Virus-Scanned: amavis at osuosl.org Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP id mRcOE4VMgwaS; Wed, 27 Nov 2024 08:43:49 +0000 (UTC) X-Comment: SPF check N/A for local connections - client-ip=140.211.9.56; helo=lists.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=<UNKNOWN> DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org 1F1C66070C Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by smtp3.osuosl.org (Postfix) with ESMTPS id 1F1C66070C; Wed, 27 Nov 2024 08:43:49 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id D5F81C08AA; Wed, 27 Nov 2024 08:43:48 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp3.osuosl.org (smtp3.osuosl.org [IPv6:2605:bc80:3010::136]) by lists.linuxfoundation.org (Postfix) with ESMTP id 4CABAC08A8 for <dev@openvswitch.org>; Tue, 26 Nov 2024 11:39:01 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id 32F80614AD for <dev@openvswitch.org>; Tue, 26 Nov 2024 11:39:01 +0000 (UTC) X-Virus-Scanned: amavis at osuosl.org Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP id VuUw6GLcB3YE for <dev@openvswitch.org>; Tue, 26 Nov 2024 11:39:00 +0000 (UTC) X-Greylist: delayed 341 seconds by postgrey-1.37 at util1.osuosl.org; Tue, 26 Nov 2024 11:39:00 UTC DMARC-Filter: OpenDMARC Filter v1.4.2 smtp3.osuosl.org 50EC8610A9 Authentication-Results: smtp3.osuosl.org; dmarc=none (p=none dis=none) header.from=astralinux.ru DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org 50EC8610A9 Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=195.16.41.108; helo=mail-gw02.astralinux.ru; envelope-from=vlistratenko@astralinux.ru; receiver=<UNKNOWN> Received: from mail-gw02.astralinux.ru (mail-gw02.astralinux.ru [195.16.41.108]) by smtp3.osuosl.org (Postfix) with ESMTPS id 50EC8610A9 for <dev@openvswitch.org>; Tue, 26 Nov 2024 11:39:00 +0000 (UTC) Received: from gca-msk-a-srv-ksmg01.astralinux.ru (localhost [127.0.0.1]) by mail-gw02.astralinux.ru (Postfix) with ESMTP id CA5671F9AB for <dev@openvswitch.org>; Tue, 26 Nov 2024 14:33:13 +0300 (MSK) Received: from new-mail.astralinux.ru (gca-yc-ruca-srv-mail05.astralinux.ru [10.177.185.111]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mail-gw02.astralinux.ru (Postfix) with ESMTPS for <dev@openvswitch.org>; Tue, 26 Nov 2024 14:33:13 +0300 (MSK) Received: from localhost (localhost [127.0.0.1]) by new-mail.astralinux.ru (Postfix) with ESMTPA id 4XyL6d1cJhz1c0sD for <dev@openvswitch.org>; Tue, 26 Nov 2024 14:33:13 +0300 (MSK) From: =?utf-8?b?0JLQuNGC0LDQu9C40Lkg0JvQuNGB0YLRgNCw0YLQtdC90LrQvg==?= <vlistratenko@astralinux.ru> To: dev@openvswitch.org User-Agent: SOGoMail 5.11.0-rp11 MIME-Version: 1.0 Date: Tue, 26 Nov 2024 14:33:12 +0300 Message-ID: <e69-6745b200-5-62ab6480@238479372> X-Forward: 10.198.18.30 X-KSMG-AntiPhishing: NotDetected X-KSMG-AntiSpam-Auth: dkim=none X-KSMG-AntiSpam-Envelope-From: vlistratenko@astralinux.ru X-KSMG-AntiSpam-Info: LuaCore: 42 0.3.42 bec10d90a7a48fa5da8c590feab6ebd7732fec6b, {Tracking_from_domain_doesnt_match_to}, d41d8cd98f00b204e9800998ecf8427e.com:7.1.1; astralinux.ru:7.1.1; 127.0.0.199:7.1.2; new-mail.astralinux.ru:7.1.1, FromAlignment: s X-KSMG-AntiSpam-Interceptor-Info: scan successful X-KSMG-AntiSpam-Lua-Profiles: 189412 [Nov 26 2024] X-KSMG-AntiSpam-Method: none X-KSMG-AntiSpam-Rate: 0 X-KSMG-AntiSpam-Status: not_detected X-KSMG-AntiSpam-Version: 6.1.1.7 X-KSMG-AntiVirus: Kaspersky Secure Mail Gateway, version 2.1.0.7854, bases: 2024/11/26 08:10:00 #26896757 X-KSMG-AntiVirus-Status: NotDetected, skipped X-KSMG-LinksScanning: NotDetected X-KSMG-Message-Action: skipped X-KSMG-Rule-ID: 1 X-Mailman-Approved-At: Wed, 27 Nov 2024 08:43:46 +0000 X-Content-Filtered-By: Mailman/MimeDel 2.1.30 Subject: [ovs-dev] =?utf-8?q?=5BPATCH=5D_timeval=3A_Fix_buffer_overflow_if_m?= =?utf-8?q?sec_is_out_of_range=2E?= X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: <ovs-dev.openvswitch.org> List-Unsubscribe: <https://mail.openvswitch.org/mailman/options/ovs-dev>, <mailto:ovs-dev-request@openvswitch.org?subject=unsubscribe> List-Archive: <http://mail.openvswitch.org/pipermail/ovs-dev/> List-Post: <mailto:ovs-dev@openvswitch.org> List-Help: <mailto:ovs-dev-request@openvswitch.org?subject=help> List-Subscribe: <https://mail.openvswitch.org/mailman/listinfo/ovs-dev>, <mailto:ovs-dev-request@openvswitch.org?subject=subscribe> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" <ovs-dev-bounces@openvswitch.org> |
Series |
[ovs-dev] timeval: Fix buffer overflow if msec is out of range.
|
expand
|
diff --git a/lib/timeval.c b/lib/timeval.c index 10c1b9ca1..d29105053 100644 --- a/lib/timeval.c +++ b/lib/timeval.c @@ -865,7 +865,8 @@ strftime_msec(char *s, size_t max, const char *format, char decimals[4]; char *p; - sprintf(decimals, "%03d", tm->msec); + int msec = tm->msec > 999 ? 999 : (tm->msec < 0 ? 0 : tm->msec); + sprintf(decimals, "%03d", msec); for (p = strchr(s, '#'); p; p = strchr(p, '#')) { char *d = decimals; while (*p == '#') {
If tm->msec is negative or more than 999, stack buffer overflow happens. Possible solution is keep msec in range [0..999]. Testing performed via Libfuzzer. Signed-off-by: Vitaly Listratenko <vlistratenko@astralinux.ru> ---